Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:26:34, on 20.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Razer\Diamondback\razertra.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\nvCplUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8493333734
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4828 bytes
Please check my log (VIRUS)
- jaro3
- Security team member
Re: Please check my log (VIRUS)
Did Avira find the virus, or how do you know that you have a virus?
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save it to the desktop
- then click the Exit button; a message will appear, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log (VIRUS)
Malwarebytes' Anti-Malware 1.41
Verzia databázy: 2775
Windows 5.1.2600 Service Pack 3
20.11.2009 15:51:31
mbam-log-2009-11-20 (15-51-31).txt
Typ kontroly: Rýchla
Objektov kontrolovaných: 104093
Uplynutý cas: 2 minute(s), 47 second(s)
Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0
Infikovaných procesov pamäte:
(Žiadne škodlivé položky)
Infikovaných modulov pamäte:
(Žiadne škodlivé položky)
Infikovaných registracných klúcov:
(Žiadne škodlivé položky)
Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)
Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)
Infikovaných priecinkov:
(Žiadne škodlivé položky)
Infikovaných súborov:
(Žiadne škodlivé položky)
- jaro3
- Security team member
Re: Please check my log (VIRUS)
You didn't answer my question..
Download RSIT (by random/random)
- run it; a window will appear, so click Continue to proceed
- wait until the program finishes and shows you the log; otherwise you will find it here: C:\rsit\log.txt. Please copy its entire contents here
Problems?
Re: Please check my log (VIRUS)
I had to reinstall Windows after it crashed because of the virus infection... and it seems to me that some kind of pest has remained on the other disks; here is the log output:
Logfile of random's system information tool 1.06 (written by random/random)
Run by C2d-8200 at 2009-11-21 01:23:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (46%) free of 25 GB
Total RAM: 2046 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:23:25, on 21.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Razer\Diamondback\razertra.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\C2d-8200\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\C2d-8200.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8493333734
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5030 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-17 17508864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"Diamondback"=C:\Program Files\Razer\Diamondback\razerhid.exe [2007-02-14 147456]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-03 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-03 86016]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-04-03 2181672]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-11-21 01:23:22 ----D---- C:\rsit
2009-11-20 19:23:21 ----SHD---- C:\Config.Msi
2009-11-20 19:22:18 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-20 19:22:16 ----D---- C:\Program Files\MSBuild
2009-11-20 19:22:12 ----D---- C:\Program Files\Reference Assemblies
2009-11-20 19:21:56 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-11-20 19:21:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-11-20 19:21:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-11-20 15:49:19 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-11-20 15:48:27 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Malwarebytes
2009-11-20 15:48:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-20 15:48:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-20 00:45:37 ----D---- C:\WINDOWS\5DB65884C9634454AABA4CA3089281FA.TMP
2009-11-20 00:37:36 ----D---- C:\Program Files\ESET
2009-11-20 00:25:34 ----D---- C:\Program Files\Trend Micro
2009-11-19 20:49:03 ----D---- C:\Program Files\uTorrent
2009-11-19 20:49:00 ----D---- C:\Documents and Settings\C2d-8200\Application Data\uTorrent
2009-11-19 20:47:37 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Media Player Classic
2009-11-19 20:46:23 ----A---- C:\WINDOWS\ODBC.INI
2009-11-19 20:46:19 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-11-19 20:45:43 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-19 20:45:34 ----D---- C:\WINDOWS\SHELLNEW
2009-11-19 20:45:33 ----D---- C:\Program Files\Microsoft.NET
2009-11-19 20:45:33 ----D---- C:\Program Files\Microsoft Office
2009-11-19 19:59:34 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-11-19 19:59:29 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-11-19 19:59:27 ----D---- C:\Program Files\DAEMON Tools Lite
2009-11-19 19:59:21 ----D---- C:\Documents and Settings\C2d-8200\Application Data\DAEMON Tools Lite
2009-11-19 19:29:19 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-11-19 19:29:18 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-11-19 19:14:28 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Canon
2009-11-19 17:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-11-19 17:47:29 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Zoner
2009-11-19 17:46:29 ----D---- C:\Program Files\Zoner
2009-11-19 17:41:50 ----RSD---- C:\WINDOWS\assembly
2009-11-19 17:41:29 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-19 17:41:05 ----D---- C:\Program Files\Canon
2009-11-19 17:40:41 ----D---- C:\Program Files\Common Files\Canon
2009-11-19 17:29:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-11-19 17:29:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-11-19 17:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-11-19 17:29:00 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-11-19 17:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-11-19 17:28:51 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-11-19 17:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-11-19 17:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-11-19 17:28:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-11-19 17:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-11-19 17:28:09 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-11-19 17:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-11-19 17:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-11-19 17:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-11-19 17:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-11-19 17:27:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-11-19 17:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-11-19 17:27:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-11-19 17:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-11-19 17:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-11-19 17:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-11-19 17:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-11-19 17:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-11-19 17:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-11-19 17:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-11-19 17:22:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-11-19 17:22:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-11-19 17:22:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-11-19 17:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-19 17:20:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-11-19 17:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-11-19 17:20:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-11-19 17:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-11-19 17:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-11-19 17:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-11-19 17:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-11-19 17:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-11-19 17:19:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-11-19 17:19:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-11-19 17:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-11-19 17:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-11-19 17:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-11-19 17:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-11-19 17:18:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-11-19 17:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-11-19 17:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-11-19 17:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-11-19 17:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-11-19 17:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-11-19 17:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-11-19 17:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-11-19 17:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-11-19 17:17:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-19 11:25:25 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-11-18 23:38:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-18 23:35:33 ----D---- C:\Program Files\Alcohol Soft
2009-11-18 23:31:34 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-11-18 23:31:34 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-11-18 23:31:34 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-11-18 23:31:32 ----D---- C:\Program Files\Alwil Software
2009-11-18 23:25:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-11-18 23:25:00 ----D---- C:\Program Files\Common Files\Adobe
2009-11-18 23:25:00 ----D---- C:\Program Files\Adobe
2009-11-18 23:21:14 ----SHD---- C:\RECYCLER
2009-11-18 23:16:09 ----D---- C:\Program Files\AC3Filter
2009-11-18 23:15:47 ----A---- C:\WINDOWS\system32\unrar.dll
2009-11-18 23:15:47 ----A---- C:\WINDOWS\avisplitter.ini
2009-11-18 23:15:46 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-11-18 23:15:46 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-11-18 23:15:46 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-11-18 23:15:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-11-18 23:15:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-11-18 23:15:44 ----D---- C:\Program Files\K-Lite Codec Pack
2009-11-18 23:13:18 ----D---- C:\Documents and Settings\C2d-8200\Application Data\ICQ
2009-11-18 23:13:05 ----D---- C:\Program Files\ICQ6.5
2009-11-18 23:07:16 ----D---- C:\WINDOWS\system32\appmgmt
2009-11-18 20:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-11-18 20:00:38 ----D---- C:\WINDOWS\system32\AGEIA
2009-11-18 20:00:37 ----D---- C:\Program Files\AGEIA Technologies
2009-11-18 20:00:26 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-18 19:59:53 ----D---- C:\WINDOWS\nview
2009-11-18 19:59:53 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-11-18 19:59:32 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-11-18 19:58:41 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-11-18 19:58:40 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-11-18 19:58:40 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-11-18 19:58:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-11-18 19:58:39 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-11-18 19:58:06 ----D---- C:\WINDOWS\Logs
2009-11-18 19:58:04 ----D---- C:\Program Files\EXPERTool
2009-11-18 19:56:42 ----D---- C:\Program Files\7-Zip
2009-11-18 19:54:18 ----D---- C:\WINDOWS\Prefetch
2009-11-18 19:49:28 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-11-18 19:49:28 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-11-18 19:49:18 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-11-18 19:49:18 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\credssp.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\azroles.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\onex.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\napstat.exe
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mssha.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\setupn.exe
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qutil.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qagent.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-11-18 19:49:10 ----D---- C:\WINDOWS\system32\scripting
2009-11-18 19:49:10 ----D---- C:\WINDOWS\system32\en-us
2009-11-18 19:49:09 ----D---- C:\WINDOWS\system32\en
2009-11-18 19:49:09 ----D---- C:\WINDOWS\l2schemas
2009-11-18 19:42:09 ----D---- C:\WINDOWS\network diagnostic
2009-11-18 19:41:31 ----A---- C:\WINDOWS\005522_.tmp
2009-11-18 18:22:01 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-11-18 18:21:50 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-11-18 18:19:42 ----D---- C:\WINDOWS\peernet
2009-11-18 18:19:41 ----D---- C:\WINDOWS\provisioning
2009-11-18 18:18:53 ----D---- C:\WINDOWS\ServicePackFiles
2009-11-18 18:17:01 ----D---- C:\WINDOWS\EHome
2009-11-18 17:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-11-18 17:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905495$
2009-11-18 17:58:48 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-11-18 00:05:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-11-17 22:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-11-17 22:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-11-17 22:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-11-17 22:30:01 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2009-11-17 22:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-11-17 22:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2009-11-17 22:29:52 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-11-17 22:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-11-17 22:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-11-17 22:29:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-11-17 22:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-11-17 22:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-11-17 22:26:19 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-11-17 22:26:16 ----A---- C:\WINDOWS\system32\linkinfo.dll
2009-11-17 22:26:16 ----A---- C:\WINDOWS\system32\linkinfo(2).dll
2009-11-17 22:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2009-11-17 22:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB892944$
2009-11-17 22:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-11-17 22:26:03 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-11-17 22:26:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-11-17 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2009-11-17 22:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2009-11-17 22:22:53 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-11-17 22:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-11-17 22:22:46 ----HDC---- C:\WINDOWS\$NtUninstallKB835409$
2009-11-17 22:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-11-17 22:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-11-17 22:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-11-17 22:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-11-17 22:21:45 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-17 22:21:16 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-11-17 22:17:50 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-11-17 22:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2009-11-17 22:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2009-11-17 22:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835_0$
2009-11-17 22:17:21 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-11-17 22:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-11-17 22:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2009-11-17 22:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-11-17 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2009-11-17 22:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-11-17 22:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-11-17 22:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-11-17 22:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2009-11-17 22:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-11-17 22:16:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-11-17 22:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-11-17 22:16:04 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-11-17 22:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB873339_0$
2009-11-17 22:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-11-17 22:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$
2009-11-17 22:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2009-11-17 22:15:24 ----HDC---- C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$
2009-11-17 22:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-11-17 22:15:14 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-11-17 22:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP8$
2009-11-17 22:14:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$
2009-11-17 22:14:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-17 22:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$
2009-11-17 22:09:51 ----A---- C:\WINDOWS\system32\wpa.bak
2009-11-17 22:08:26 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Mozilla
2009-11-17 22:08:24 ----D---- C:\Program Files\Mozilla Firefox
2009-11-17 22:08:07 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Macromedia
2009-11-17 22:07:54 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Adobe
2009-11-17 21:23:03 ----N---- C:\WINDOWS\system32\spnpinst.exe
2009-11-17 21:09:25 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\px.dll
2009-11-17 21:08:31 ----D---- C:\Program Files\Winamp
2009-11-17 21:08:31 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Winamp
2009-11-17 21:06:46 ----D---- C:\WINDOWS\system32\Lang
2009-11-17 21:06:37 ----D---- C:\WINDOWS\Minidump
2009-11-17 18:02:03 ----A---- C:\WINDOWS\system32\h323log.txt
2009-11-17 17:58:20 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-11-17 17:58:20 ----A---- C:\WINDOWS\system32\hidserv(3).dll
2009-11-17 17:56:27 ----A---- C:\WINDOWS\imsins.BAK
2009-11-17 17:56:25 ----D---- C:\Program Files\Common Files\ODBC
2009-11-17 17:56:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-17 17:56:25 ----A---- C:\WINDOWS\ODBCINST.INI
2009-11-17 17:56:22 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-11-17 17:56:21 ----RD---- C:\Program Files
2009-11-17 17:56:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-11-17 17:56:21 ----D---- C:\Program Files\Common Files
2009-11-17 17:56:19 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-11-17 17:56:19 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-11-17 17:56:19 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-11-17 17:56:09 ----A---- C:\WINDOWS\system32\irclass.dll
2009-11-17 17:56:09 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-11-17 17:56:09 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-11-17 17:56:08 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-11-17 17:56:08 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-11-17 17:56:06 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-11-17 17:56:06 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-11-17 17:56:06 ----A---- C:\WINDOWS\system32\batt.dll
2009-11-17 17:56:06 ----A---- C:\WINDOWS\notepad.exe
2009-11-17 17:56:05 ----A---- C:\WINDOWS\system32\storprop.dll
2009-11-17 17:56:04 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-11-17 17:55:33 ----RA---- C:\WINDOWS\SET7.tmp
2009-11-17 17:55:31 ----RA---- C:\WINDOWS\SET3.tmp
2009-11-17 17:55:27 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-17 17:55:27 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 17:55:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-17 17:55:05 ----A---- C:\WINDOWS\setuplog.txt
2009-11-17 17:55:02 ----D---- C:\Documents and Settings
2009-11-17 17:53:47 ----RASH---- C:\boot.ini
2009-11-17 17:49:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-17 17:49:34 ----RSD---- C:\WINDOWS\Fonts
2009-11-17 17:49:34 ----RD---- C:\WINDOWS\Web
2009-11-17 17:49:34 ----HD---- C:\WINDOWS\inf
2009-11-17 17:49:34 ----D---- C:\WINDOWS\WinSxS
2009-11-17 17:49:34 ----D---- C:\WINDOWS\twain_32
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Temp
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\wins
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\wbem
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\usmt
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\spool
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\ShellExt
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\Setup
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\ras
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\oobe
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\npp
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\mui
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\inetsrv
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\IME
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\icsxml
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\ias
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\export
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\drivers
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\dhcp
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\config
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\3com_dmi
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\3076
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\2052
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1054
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1042
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1041
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1037
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1033
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1031
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1028
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1025
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system
2009-11-17 17:49:34 ----D---- C:\WINDOWS\security
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Resources
2009-11-17 17:49:34 ----D---- C:\WINDOWS\repair
2009-11-17 17:49:34 ----D---- C:\WINDOWS\mui
2009-11-17 17:49:34 ----D---- C:\WINDOWS\msapps
2009-11-17 17:49:34 ----D---- C:\WINDOWS\msagent
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Media
2009-11-17 17:49:34 ----D---- C:\WINDOWS\java
2009-11-17 17:49:34 ----D---- C:\WINDOWS\ime
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Help
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Driver Cache
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Debug
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Cursors
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Connection Wizard
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Config
2009-11-17 17:49:34 ----D---- C:\WINDOWS\AppPatch
2009-11-17 17:49:34 ----D---- C:\WINDOWS\addins
2009-11-17 17:49:34 ----D---- C:\WINDOWS
2009-11-17 17:48:11 ----D---- C:\Program Files\Avira
2009-11-17 17:48:11 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-11-17 17:42:39 ----A---- C:\WINDOWS\system32\esent.dll
2009-11-17 17:42:39 ----A---- C:\WINDOWS\system32\esent(3).dll
2009-11-17 17:39:50 ----D---- C:\totalcmd
2009-11-17 17:39:50 ----A---- C:\WINDOWS\wincmd.ini
2009-11-17 17:37:26 ----D---- C:\Program Files\Razer
2009-11-17 17:37:17 ----D---- C:\Documents and Settings\C2d-8200\Application Data\InstallShield
2009-11-17 17:36:29 ----D---- C:\WINDOWS\system32\RTCOM
2009-11-17 17:34:57 ----A---- C:\WINDOWS\vncutil.exe
2009-11-17 17:34:57 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-11-17 17:34:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-11-17 17:34:57 ----A---- C:\WINDOWS\SkyTel.exe
2009-11-17 17:34:57 ----A---- C:\WINDOWS\RtlUpd.exe
2009-11-17 17:34:57 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-11-17 17:34:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-17 17:34:56 ----D---- C:\Program Files\Realtek
2009-11-17 17:34:56 ----A---- C:\WINDOWS\RtkAudioService.exe
2009-11-17 17:34:56 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-11-17 17:34:56 ----A---- C:\WINDOWS\MicCal.exe
2009-11-17 17:34:56 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-11-17 17:34:56 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-11-17 17:34:53 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-11-17 17:34:52 ----D---- C:\Program Files\Common Files\InstallShield
2009-11-17 17:33:42 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-11-17 17:33:42 ----A---- C:\WINDOWS\system32\ksuser(2).dll
2009-11-17 17:33:21 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXP$
2009-11-17 17:32:27 ----D---- C:\WINDOWS\system32\bits
2009-11-17 17:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2009-11-17 17:32:17 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-17 17:32:07 ----D---- C:\WINDOWS\system32\PreInstall
2009-11-17 17:32:07 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-11-17 17:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-11-17 17:32:05 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-17 17:20:44 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-11-17 17:20:44 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-11-17 17:20:44 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-11-17 17:20:44 ----A---- C:\WINDOWS\system32\winhttp(3).dll
2009-11-17 17:20:44 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-11-17 17:19:53 ----A---- C:\WINDOWS\system32\usbui.dll
2009-11-17 17:18:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-17 17:18:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-17 17:18:16 ----D---- C:\Program Files\Intel
2009-11-17 17:18:16 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-11-17 17:18:10 ----D---- C:\Intel
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wups2.dll
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wups.dll
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-11-17 17:15:57 ----D---- C:\NVIDIA
2009-11-17 17:15:49 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-17 17:13:27 ----SD---- C:\WINDOWS\system32\Microsoft
2009-11-17 17:12:07 ----A---- C:\WINDOWS\system32\WMErrSKY.dll
2009-11-17 17:12:06 ----D---- C:\WINDOWS\system32\1051
2009-11-17 17:10:42 ----SHD---- C:\WINDOWS\Installer
2009-11-17 17:10:40 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Identities
2009-11-17 17:10:36 ----HD---- C:\Program Files\Uninstall Information
2009-11-17 17:10:23 ----SD---- C:\Documents and Settings\C2d-8200\Application Data\Microsoft
2009-11-17 17:10:23 ----ASH---- C:\Documents and Settings\C2d-8200\Application Data\desktop.ini
2009-11-17 17:08:29 ----SHD---- C:\System Volume Information
2009-11-17 17:08:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-17 17:06:03 ----D---- C:\WINDOWS\system32\xircom
2009-11-17 17:06:03 ----D---- C:\Program Files\xerox
2009-11-17 17:06:03 ----D---- C:\Program Files\microsoft frontpage
2009-11-17 17:05:51 ----A---- C:\WINDOWS\control.ini
2009-11-17 17:05:51 ----A---- C:\AUTOEXEC.BAT
2009-11-17 17:05:48 ----A---- C:\WINDOWS\OEWABLog.txt
2009-11-17 17:05:47 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-11-17 17:05:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-17 17:05:29 ----RD---- C:\WINDOWS\Offline Web Pages
2009-11-17 17:05:29 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-11-17 17:05:27 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-17 17:05:13 ----D---- C:\WINDOWS\system32\DirectX
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\atrace.dll
2009-11-17 17:04:39 ----A---- C:\WINDOWS\system32\desktop.ini
2009-11-17 17:04:39 ----A---- C:\WINDOWS\desktop.ini
2009-11-17 17:04:31 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-11-17 17:04:31 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-11-17 17:04:31 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-11-17 17:04:30 ----A---- C:\WINDOWS\system32\acctres.dll
2009-11-17 17:04:29 ----D---- C:\Program Files\Common Files\Services
2009-11-17 17:04:28 ----A---- C:\WINDOWS\system32\inetres.dll
2009-11-17 17:04:24 ----SD---- C:\WINDOWS\Tasks
2009-11-17 17:04:24 ----A---- C:\WINDOWS\system32\isign32.dll
2009-11-17 17:04:24 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-11-17 17:04:24 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-11-17 17:04:23 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-11-17 17:04:23 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-11-17 17:04:21 ----D---- C:\Program Files\Common Files\MSSoap
2009-11-17 17:04:15 ----D---- C:\WINDOWS\system32\Macromed
2009-11-17 17:04:15 ----D---- C:\WINDOWS\srchasst
2009-11-17 17:04:14 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-11-17 17:04:14 ----A---- C:\WINDOWS\system32\qmgr(3).dll
2009-11-17 17:04:13 ----D---- C:\Program Files\Movie Maker
2009-11-17 17:04:08 ----D---- C:\WINDOWS\PCHealth
2009-11-17 17:04:07 ----D---- C:\WINDOWS\system32\Restore
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srsvc(3).dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srclient.dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srclient(3).dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\ils.dll
2009-11-17 17:04:06 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-11-17 17:04:06 ----A---- C:\WINDOWS\system32\msconf.dll
2009-11-17 17:04:06 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-11-17 17:04:03 ----D---- C:\Program Files\NetMeeting
2009-11-17 17:04:03 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-11-17 17:04:03 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-11-17 17:04:02 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-11-17 17:04:01 ----D---- C:\Program Files\Outlook Express
2009-11-17 17:04:01 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-11-17 17:04:01 ----A---- C:\WINDOWS\system32\schedsvc(3).dll
2009-11-17 17:04:00 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-11-17 17:04:00 ----A---- C:\WINDOWS\system32\mstask.dll
2009-11-17 17:03:57 ----D---- C:\Program Files\Common Files\System
2009-11-17 17:03:56 ----D---- C:\Program Files\Internet Explorer
2009-11-17 17:03:46 ----D---- C:\Program Files\ComPlus Applications
2009-11-17 17:03:45 ----D---- C:\WINDOWS\Registration
2009-11-17 17:03:45 ----A---- C:\WINDOWS\vbaddin.ini
2009-11-17 17:03:45 ----A---- C:\WINDOWS\vb.ini
2009-11-17 17:03:43 ----HD---- C:\Program Files\WindowsUpdate
2009-11-17 17:03:43 ----D---- C:\Program Files\Windows Media Player
2009-11-17 17:03:43 ----D---- C:\Program Files\Online Services
2009-11-17 17:03:40 ----D---- C:\Program Files\Messenger
2009-11-17 17:03:34 ----D---- C:\Program Files\MSN Gaming Zone
2009-11-17 17:03:34 ----A---- C:\WINDOWS\system32\write.exe
2009-11-17 17:03:26 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-11-17 17:03:26 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\hticons.dll
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\avwav.dll
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-11-17 17:03:24 ----A---- C:\WINDOWS\system32\winchat.exe
2009-11-17 17:03:18 ----A---- C:\WINDOWS\system32\getuname.dll
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\winmine.exe
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\sol.exe
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\charmap.exe
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\calc.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\reset.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\freecell.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tskill.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tscon.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\shadow.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\regini.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\msg.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\logoff.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\stclient.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\colbact(3).dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\catsrv(3).dll
2009-11-17 17:03:10 ----A---- C:\WINDOWS\system32\comuid.dll
2009-11-17 17:03:10 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-11-17 17:03:10 ----A---- C:\WINDOWS\system32\clbcatq(3).dll
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-11-17 17:02:55 ----D---- C:\Program Files\MSN
2009-11-17 17:02:54 ----D---- C:\Program Files\Windows NT
2009-11-17 17:02:54 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-11-17 17:02:54 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-11-17 17:02:54 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuauserv(3).dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\spider.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\termsrv(2).dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\icaapi(2).dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-11-17 17:02:50 ----D---- C:\WINDOWS\system32\MsDtc
2009-11-17 17:02:50 ----D---- C:\WINDOWS\system32\Com
2009-11-17 17:02:50 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-11-17 17:02:49 ----A---- C:\WINDOWS\system32\comsvcs(3).dll
2009-11-17 17:02:49 ----A---- C:\WINDOWS\system32\catsrvut(3).dll
2009-11-17 17:02:45 ----A---- C:\WINDOWS\system32\licwmi.dll
======List of files/folders modified in the last 1 months======
2009-11-18 18:20:07 ----A---- C:\WINDOWS\win.ini
2009-11-18 18:17:57 ----RASH---- C:\NTDETECT.COM
2009-11-17 18:00:38 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 avgntdd;avgntdd; C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [2009-02-13 45416]
R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-17 5026816]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-03-31 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-03 6280416]
R3 Razerlow;Razerlow USB Filter Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-04-24 13225]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 axdtjdca;axdtjdca; C:\WINDOWS\system32\drivers\axdtjdca.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-03 163908]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by C2d-8200 at 2009-11-21 01:23:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (46%) free of 25 GB
Total RAM: 2046 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:23:25, on 21.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Razer\Diamondback\razertra.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\C2d-8200\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\C2d-8200.exe
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8493333734
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5030 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-17 17508864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"Diamondback"=C:\Program Files\Razer\Diamondback\razerhid.exe [2007-02-14 147456]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-03 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-03 86016]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-04-03 2181672]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-11-21 01:23:22 ----D---- C:\rsit
2009-11-20 19:23:21 ----SHD---- C:\Config.Msi
2009-11-20 19:22:18 ----D---- C:\WINDOWS\system32\XPSViewer
2009-11-20 19:22:16 ----D---- C:\Program Files\MSBuild
2009-11-20 19:22:12 ----D---- C:\Program Files\Reference Assemblies
2009-11-20 19:21:56 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-11-20 19:21:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-11-20 19:21:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-11-20 15:49:19 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2009-11-20 15:48:27 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Malwarebytes
2009-11-20 15:48:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-20 15:48:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-11-20 00:45:37 ----D---- C:\WINDOWS\5DB65884C9634454AABA4CA3089281FA.TMP
2009-11-20 00:37:36 ----D---- C:\Program Files\ESET
2009-11-20 00:25:34 ----D---- C:\Program Files\Trend Micro
2009-11-19 20:49:03 ----D---- C:\Program Files\uTorrent
2009-11-19 20:49:00 ----D---- C:\Documents and Settings\C2d-8200\Application Data\uTorrent
2009-11-19 20:47:37 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Media Player Classic
2009-11-19 20:46:23 ----A---- C:\WINDOWS\ODBC.INI
2009-11-19 20:46:19 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-11-19 20:45:43 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-19 20:45:34 ----D---- C:\WINDOWS\SHELLNEW
2009-11-19 20:45:33 ----D---- C:\Program Files\Microsoft.NET
2009-11-19 20:45:33 ----D---- C:\Program Files\Microsoft Office
2009-11-19 19:59:34 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-11-19 19:59:29 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-11-19 19:59:27 ----D---- C:\Program Files\DAEMON Tools Lite
2009-11-19 19:59:21 ----D---- C:\Documents and Settings\C2d-8200\Application Data\DAEMON Tools Lite
2009-11-19 19:29:19 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-11-19 19:29:18 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-11-19 19:14:28 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Canon
2009-11-19 17:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-11-19 17:47:29 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Zoner
2009-11-19 17:46:29 ----D---- C:\Program Files\Zoner
2009-11-19 17:41:50 ----RSD---- C:\WINDOWS\assembly
2009-11-19 17:41:29 ----D---- C:\WINDOWS\Microsoft.NET
2009-11-19 17:41:05 ----D---- C:\Program Files\Canon
2009-11-19 17:40:41 ----D---- C:\Program Files\Common Files\Canon
2009-11-19 17:29:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-11-19 17:29:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-11-19 17:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-11-19 17:29:00 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-11-19 17:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-11-19 17:28:51 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-11-19 17:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-11-19 17:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-11-19 17:28:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-11-19 17:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-11-19 17:28:09 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-11-19 17:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-11-19 17:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-11-19 17:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-11-19 17:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-11-19 17:27:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-11-19 17:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-11-19 17:27:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-11-19 17:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-11-19 17:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-11-19 17:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-11-19 17:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-11-19 17:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-11-19 17:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-11-19 17:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-11-19 17:22:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-11-19 17:22:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-11-19 17:22:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-11-19 17:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-11-19 17:20:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-11-19 17:20:09 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-11-19 17:20:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-11-19 17:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-11-19 17:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-11-19 17:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-11-19 17:19:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-11-19 17:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-11-19 17:19:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-11-19 17:19:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-11-19 17:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-11-19 17:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-11-19 17:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-11-19 17:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-11-19 17:18:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-11-19 17:18:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-11-19 17:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-11-19 17:18:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-11-19 17:18:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-11-19 17:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-11-19 17:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-11-19 17:17:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-11-19 17:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-11-19 17:17:13 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-19 11:25:25 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-11-18 23:38:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-11-18 23:35:33 ----D---- C:\Program Files\Alcohol Soft
2009-11-18 23:31:34 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2009-11-18 23:31:34 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2009-11-18 23:31:34 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-11-18 23:31:32 ----D---- C:\Program Files\Alwil Software
2009-11-18 23:25:05 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-11-18 23:25:00 ----D---- C:\Program Files\Common Files\Adobe
2009-11-18 23:25:00 ----D---- C:\Program Files\Adobe
2009-11-18 23:21:14 ----SHD---- C:\RECYCLER
2009-11-18 23:16:09 ----D---- C:\Program Files\AC3Filter
2009-11-18 23:15:47 ----A---- C:\WINDOWS\system32\unrar.dll
2009-11-18 23:15:47 ----A---- C:\WINDOWS\avisplitter.ini
2009-11-18 23:15:46 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-11-18 23:15:46 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-11-18 23:15:46 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-11-18 23:15:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-11-18 23:15:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-11-18 23:15:44 ----D---- C:\Program Files\K-Lite Codec Pack
2009-11-18 23:13:18 ----D---- C:\Documents and Settings\C2d-8200\Application Data\ICQ
2009-11-18 23:13:05 ----D---- C:\Program Files\ICQ6.5
2009-11-18 23:07:16 ----D---- C:\WINDOWS\system32\appmgmt
2009-11-18 20:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2009-11-18 20:00:38 ----D---- C:\WINDOWS\system32\AGEIA
2009-11-18 20:00:37 ----D---- C:\Program Files\AGEIA Technologies
2009-11-18 20:00:26 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-11-18 19:59:53 ----D---- C:\WINDOWS\nview
2009-11-18 19:59:53 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-11-18 19:59:32 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-11-18 19:58:49 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-11-18 19:58:48 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-11-18 19:58:47 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-11-18 19:58:46 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-11-18 19:58:45 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-11-18 19:58:44 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-11-18 19:58:43 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-11-18 19:58:42 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-11-18 19:58:41 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-11-18 19:58:40 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-11-18 19:58:40 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-11-18 19:58:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-11-18 19:58:39 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-11-18 19:58:38 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-11-18 19:58:37 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-11-18 19:58:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-11-18 19:58:06 ----D---- C:\WINDOWS\Logs
2009-11-18 19:58:04 ----D---- C:\Program Files\EXPERTool
2009-11-18 19:56:42 ----D---- C:\Program Files\7-Zip
2009-11-18 19:54:18 ----D---- C:\WINDOWS\Prefetch
2009-11-18 19:49:28 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-11-18 19:49:28 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-11-18 19:49:18 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-11-18 19:49:18 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\credssp.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\azroles.dll
2009-11-18 19:49:16 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-11-18 19:49:15 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-11-18 19:49:14 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\onex.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\napstat.exe
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mssha.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-11-18 19:49:13 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\setupn.exe
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qutil.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\qagent.dll
2009-11-18 19:49:12 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-11-18 19:49:11 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-11-18 19:49:10 ----D---- C:\WINDOWS\system32\scripting
2009-11-18 19:49:10 ----D---- C:\WINDOWS\system32\en-us
2009-11-18 19:49:09 ----D---- C:\WINDOWS\system32\en
2009-11-18 19:49:09 ----D---- C:\WINDOWS\l2schemas
2009-11-18 19:42:09 ----D---- C:\WINDOWS\network diagnostic
2009-11-18 19:41:31 ----A---- C:\WINDOWS\005522_.tmp
2009-11-18 18:22:01 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-11-18 18:21:50 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-11-18 18:19:42 ----D---- C:\WINDOWS\peernet
2009-11-18 18:19:41 ----D---- C:\WINDOWS\provisioning
2009-11-18 18:18:53 ----D---- C:\WINDOWS\ServicePackFiles
2009-11-18 18:17:01 ----D---- C:\WINDOWS\EHome
2009-11-18 17:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-11-18 17:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB905495$
2009-11-18 17:58:48 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-11-18 00:05:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-11-17 22:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-11-17 22:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-11-17 22:30:04 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-11-17 22:30:01 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2009-11-17 22:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-11-17 22:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2009-11-17 22:29:52 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-11-17 22:29:49 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2009-11-17 22:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-11-17 22:29:43 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-11-17 22:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-11-17 22:29:30 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-11-17 22:26:19 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-11-17 22:26:16 ----A---- C:\WINDOWS\system32\linkinfo.dll
2009-11-17 22:26:16 ----A---- C:\WINDOWS\system32\linkinfo(2).dll
2009-11-17 22:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2009-11-17 22:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB892944$
2009-11-17 22:26:07 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-11-17 22:26:03 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-11-17 22:26:00 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-11-17 22:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2009-11-17 22:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2009-11-17 22:22:53 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-11-17 22:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-11-17 22:22:46 ----HDC---- C:\WINDOWS\$NtUninstallKB835409$
2009-11-17 22:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-11-17 22:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-11-17 22:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-11-17 22:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-11-17 22:21:45 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-17 22:21:16 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-11-17 22:17:50 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-11-17 22:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2009-11-17 22:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2009-11-17 22:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB885835_0$
2009-11-17 22:17:21 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-11-17 22:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2009-11-17 22:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2009-11-17 22:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-11-17 22:16:56 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2009-11-17 22:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-11-17 22:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-11-17 22:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-11-17 22:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2009-11-17 22:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-11-17 22:16:16 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-11-17 22:16:10 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-11-17 22:16:04 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-11-17 22:15:56 ----HDC---- C:\WINDOWS\$NtUninstallKB873339_0$
2009-11-17 22:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-11-17 22:15:39 ----HDC---- C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$
2009-11-17 22:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2009-11-17 22:15:24 ----HDC---- C:\WINDOWS\$NtUninstallKB918439-IE6SP1-20060530.145346$
2009-11-17 22:15:19 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-11-17 22:15:14 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-11-17 22:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP8$
2009-11-17 22:14:26 ----HDC---- C:\WINDOWS\$NtUninstallKB918899-IE6SP1-20060725.123917$
2009-11-17 22:14:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-11-17 22:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$
2009-11-17 22:09:51 ----A---- C:\WINDOWS\system32\wpa.bak
2009-11-17 22:08:26 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Mozilla
2009-11-17 22:08:24 ----D---- C:\Program Files\Mozilla Firefox
2009-11-17 22:08:07 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Macromedia
2009-11-17 22:07:54 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Adobe
2009-11-17 21:23:03 ----N---- C:\WINDOWS\system32\spnpinst.exe
2009-11-17 21:09:25 ----D---- C:\WINDOWS\RegisteredPackages
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-11-17 21:08:32 ----N---- C:\WINDOWS\system32\px.dll
2009-11-17 21:08:31 ----D---- C:\Program Files\Winamp
2009-11-17 21:08:31 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Winamp
2009-11-17 21:06:46 ----D---- C:\WINDOWS\system32\Lang
2009-11-17 21:06:37 ----D---- C:\WINDOWS\Minidump
2009-11-17 18:02:03 ----A---- C:\WINDOWS\system32\h323log.txt
2009-11-17 17:58:20 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-11-17 17:58:20 ----A---- C:\WINDOWS\system32\hidserv(3).dll
2009-11-17 17:56:27 ----A---- C:\WINDOWS\imsins.BAK
2009-11-17 17:56:25 ----D---- C:\Program Files\Common Files\ODBC
2009-11-17 17:56:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-17 17:56:25 ----A---- C:\WINDOWS\ODBCINST.INI
2009-11-17 17:56:22 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-11-17 17:56:21 ----RD---- C:\Program Files
2009-11-17 17:56:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-11-17 17:56:21 ----D---- C:\Program Files\Common Files
2009-11-17 17:56:19 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-11-17 17:56:19 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-11-17 17:56:19 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-11-17 17:56:17 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-11-17 17:56:15 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-11-17 17:56:13 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-11-17 17:56:11 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-11-17 17:56:09 ----A---- C:\WINDOWS\system32\irclass.dll
2009-11-17 17:56:09 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-11-17 17:56:09 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-11-17 17:56:08 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-11-17 17:56:08 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-11-17 17:56:06 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-11-17 17:56:06 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-11-17 17:56:06 ----A---- C:\WINDOWS\system32\batt.dll
2009-11-17 17:56:06 ----A---- C:\WINDOWS\notepad.exe
2009-11-17 17:56:05 ----A---- C:\WINDOWS\system32\storprop.dll
2009-11-17 17:56:04 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-11-17 17:55:33 ----RA---- C:\WINDOWS\SET7.tmp
2009-11-17 17:55:31 ----RA---- C:\WINDOWS\SET3.tmp
2009-11-17 17:55:27 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-17 17:55:27 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 17:55:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-11-17 17:55:05 ----A---- C:\WINDOWS\setuplog.txt
2009-11-17 17:55:02 ----D---- C:\Documents and Settings
2009-11-17 17:53:47 ----RASH---- C:\boot.ini
2009-11-17 17:49:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-17 17:49:34 ----RSD---- C:\WINDOWS\Fonts
2009-11-17 17:49:34 ----RD---- C:\WINDOWS\Web
2009-11-17 17:49:34 ----HD---- C:\WINDOWS\inf
2009-11-17 17:49:34 ----D---- C:\WINDOWS\WinSxS
2009-11-17 17:49:34 ----D---- C:\WINDOWS\twain_32
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Temp
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\wins
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\wbem
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\usmt
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\spool
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\ShellExt
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\Setup
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\ras
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\oobe
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\npp
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\mui
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\inetsrv
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\IME
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\icsxml
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\ias
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\export
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\drivers
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\dhcp
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\config
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\3com_dmi
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\3076
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\2052
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1054
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1042
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1041
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1037
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1033
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1031
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1028
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32\1025
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system32
2009-11-17 17:49:34 ----D---- C:\WINDOWS\system
2009-11-17 17:49:34 ----D---- C:\WINDOWS\security
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Resources
2009-11-17 17:49:34 ----D---- C:\WINDOWS\repair
2009-11-17 17:49:34 ----D---- C:\WINDOWS\mui
2009-11-17 17:49:34 ----D---- C:\WINDOWS\msapps
2009-11-17 17:49:34 ----D---- C:\WINDOWS\msagent
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Media
2009-11-17 17:49:34 ----D---- C:\WINDOWS\java
2009-11-17 17:49:34 ----D---- C:\WINDOWS\ime
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Help
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Driver Cache
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Debug
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Cursors
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Connection Wizard
2009-11-17 17:49:34 ----D---- C:\WINDOWS\Config
2009-11-17 17:49:34 ----D---- C:\WINDOWS\AppPatch
2009-11-17 17:49:34 ----D---- C:\WINDOWS\addins
2009-11-17 17:49:34 ----D---- C:\WINDOWS
2009-11-17 17:48:11 ----D---- C:\Program Files\Avira
2009-11-17 17:48:11 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-11-17 17:42:39 ----A---- C:\WINDOWS\system32\esent.dll
2009-11-17 17:42:39 ----A---- C:\WINDOWS\system32\esent(3).dll
2009-11-17 17:39:50 ----D---- C:\totalcmd
2009-11-17 17:39:50 ----A---- C:\WINDOWS\wincmd.ini
2009-11-17 17:37:26 ----D---- C:\Program Files\Razer
2009-11-17 17:37:17 ----D---- C:\Documents and Settings\C2d-8200\Application Data\InstallShield
2009-11-17 17:36:29 ----D---- C:\WINDOWS\system32\RTCOM
2009-11-17 17:34:57 ----A---- C:\WINDOWS\vncutil.exe
2009-11-17 17:34:57 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-11-17 17:34:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-11-17 17:34:57 ----A---- C:\WINDOWS\SkyTel.exe
2009-11-17 17:34:57 ----A---- C:\WINDOWS\RtlUpd.exe
2009-11-17 17:34:57 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-11-17 17:34:56 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-17 17:34:56 ----D---- C:\Program Files\Realtek
2009-11-17 17:34:56 ----A---- C:\WINDOWS\RtkAudioService.exe
2009-11-17 17:34:56 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-11-17 17:34:56 ----A---- C:\WINDOWS\MicCal.exe
2009-11-17 17:34:56 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-11-17 17:34:56 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-11-17 17:34:53 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-11-17 17:34:52 ----D---- C:\Program Files\Common Files\InstallShield
2009-11-17 17:33:42 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-11-17 17:33:42 ----A---- C:\WINDOWS\system32\ksuser(2).dll
2009-11-17 17:33:21 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXP$
2009-11-17 17:32:27 ----D---- C:\WINDOWS\system32\bits
2009-11-17 17:32:23 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2009-11-17 17:32:17 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-11-17 17:32:07 ----D---- C:\WINDOWS\system32\PreInstall
2009-11-17 17:32:07 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-11-17 17:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-11-17 17:32:05 ----HD---- C:\WINDOWS\$hf_mig$
2009-11-17 17:20:44 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-11-17 17:20:44 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-11-17 17:20:44 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-11-17 17:20:44 ----A---- C:\WINDOWS\system32\winhttp(3).dll
2009-11-17 17:20:44 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-11-17 17:19:53 ----A---- C:\WINDOWS\system32\usbui.dll
2009-11-17 17:18:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-11-17 17:18:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-11-17 17:18:16 ----D---- C:\Program Files\Intel
2009-11-17 17:18:16 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-11-17 17:18:10 ----D---- C:\Intel
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wups2.dll
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wups.dll
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-11-17 17:16:43 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-11-17 17:15:57 ----D---- C:\NVIDIA
2009-11-17 17:15:49 ----D---- C:\WINDOWS\SoftwareDistribution
2009-11-17 17:13:27 ----SD---- C:\WINDOWS\system32\Microsoft
2009-11-17 17:12:07 ----A---- C:\WINDOWS\system32\WMErrSKY.dll
2009-11-17 17:12:06 ----D---- C:\WINDOWS\system32\1051
2009-11-17 17:10:42 ----SHD---- C:\WINDOWS\Installer
2009-11-17 17:10:40 ----D---- C:\Documents and Settings\C2d-8200\Application Data\Identities
2009-11-17 17:10:36 ----HD---- C:\Program Files\Uninstall Information
2009-11-17 17:10:23 ----SD---- C:\Documents and Settings\C2d-8200\Application Data\Microsoft
2009-11-17 17:10:23 ----ASH---- C:\Documents and Settings\C2d-8200\Application Data\desktop.ini
2009-11-17 17:08:29 ----SHD---- C:\System Volume Information
2009-11-17 17:08:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-11-17 17:06:03 ----D---- C:\WINDOWS\system32\xircom
2009-11-17 17:06:03 ----D---- C:\Program Files\xerox
2009-11-17 17:06:03 ----D---- C:\Program Files\microsoft frontpage
2009-11-17 17:05:51 ----A---- C:\WINDOWS\control.ini
2009-11-17 17:05:51 ----A---- C:\AUTOEXEC.BAT
2009-11-17 17:05:48 ----A---- C:\WINDOWS\OEWABLog.txt
2009-11-17 17:05:47 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-11-17 17:05:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-17 17:05:29 ----RD---- C:\WINDOWS\Offline Web Pages
2009-11-17 17:05:29 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-11-17 17:05:27 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-17 17:05:13 ----D---- C:\WINDOWS\system32\DirectX
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-11-17 17:04:43 ----A---- C:\WINDOWS\system32\atrace.dll
2009-11-17 17:04:39 ----A---- C:\WINDOWS\system32\desktop.ini
2009-11-17 17:04:39 ----A---- C:\WINDOWS\desktop.ini
2009-11-17 17:04:31 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-11-17 17:04:31 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-11-17 17:04:31 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-11-17 17:04:30 ----A---- C:\WINDOWS\system32\acctres.dll
2009-11-17 17:04:29 ----D---- C:\Program Files\Common Files\Services
2009-11-17 17:04:28 ----A---- C:\WINDOWS\system32\inetres.dll
2009-11-17 17:04:24 ----SD---- C:\WINDOWS\Tasks
2009-11-17 17:04:24 ----A---- C:\WINDOWS\system32\isign32.dll
2009-11-17 17:04:24 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-11-17 17:04:24 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-11-17 17:04:23 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-11-17 17:04:23 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-11-17 17:04:21 ----D---- C:\Program Files\Common Files\MSSoap
2009-11-17 17:04:15 ----D---- C:\WINDOWS\system32\Macromed
2009-11-17 17:04:15 ----D---- C:\WINDOWS\srchasst
2009-11-17 17:04:14 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-11-17 17:04:14 ----A---- C:\WINDOWS\system32\qmgr(3).dll
2009-11-17 17:04:13 ----D---- C:\Program Files\Movie Maker
2009-11-17 17:04:08 ----D---- C:\WINDOWS\PCHealth
2009-11-17 17:04:07 ----D---- C:\WINDOWS\system32\Restore
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srsvc(3).dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srclient.dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\srclient(3).dll
2009-11-17 17:04:07 ----A---- C:\WINDOWS\system32\ils.dll
2009-11-17 17:04:06 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-11-17 17:04:06 ----A---- C:\WINDOWS\system32\msconf.dll
2009-11-17 17:04:06 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-11-17 17:04:03 ----D---- C:\Program Files\NetMeeting
2009-11-17 17:04:03 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-11-17 17:04:03 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-11-17 17:04:02 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-11-17 17:04:01 ----D---- C:\Program Files\Outlook Express
2009-11-17 17:04:01 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-11-17 17:04:01 ----A---- C:\WINDOWS\system32\schedsvc(3).dll
2009-11-17 17:04:00 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-11-17 17:04:00 ----A---- C:\WINDOWS\system32\mstask.dll
2009-11-17 17:03:57 ----D---- C:\Program Files\Common Files\System
2009-11-17 17:03:56 ----D---- C:\Program Files\Internet Explorer
2009-11-17 17:03:46 ----D---- C:\Program Files\ComPlus Applications
2009-11-17 17:03:45 ----D---- C:\WINDOWS\Registration
2009-11-17 17:03:45 ----A---- C:\WINDOWS\vbaddin.ini
2009-11-17 17:03:45 ----A---- C:\WINDOWS\vb.ini
2009-11-17 17:03:43 ----HD---- C:\Program Files\WindowsUpdate
2009-11-17 17:03:43 ----D---- C:\Program Files\Windows Media Player
2009-11-17 17:03:43 ----D---- C:\Program Files\Online Services
2009-11-17 17:03:40 ----D---- C:\Program Files\Messenger
2009-11-17 17:03:34 ----D---- C:\Program Files\MSN Gaming Zone
2009-11-17 17:03:34 ----A---- C:\WINDOWS\system32\write.exe
2009-11-17 17:03:26 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-11-17 17:03:26 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\hticons.dll
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\avwav.dll
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-11-17 17:03:25 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-11-17 17:03:24 ----A---- C:\WINDOWS\system32\winchat.exe
2009-11-17 17:03:18 ----A---- C:\WINDOWS\system32\getuname.dll
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\winmine.exe
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\sol.exe
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\charmap.exe
2009-11-17 17:03:17 ----A---- C:\WINDOWS\system32\calc.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\reset.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-11-17 17:03:16 ----A---- C:\WINDOWS\system32\freecell.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tskill.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\tscon.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\shadow.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\regini.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-11-17 17:03:15 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\msg.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\logoff.exe
2009-11-17 17:03:14 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-11-17 17:03:13 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-11-17 17:03:12 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\stclient.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\colbact(3).dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-11-17 17:03:11 ----A---- C:\WINDOWS\system32\catsrv(3).dll
2009-11-17 17:03:10 ----A---- C:\WINDOWS\system32\comuid.dll
2009-11-17 17:03:10 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-11-17 17:03:10 ----A---- C:\WINDOWS\system32\clbcatq(3).dll
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-11-17 17:03:02 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-11-17 17:02:55 ----D---- C:\Program Files\MSN
2009-11-17 17:02:54 ----D---- C:\Program Files\Windows NT
2009-11-17 17:02:54 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-11-17 17:02:54 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-11-17 17:02:54 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuauserv(3).dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-11-17 17:02:53 ----A---- C:\WINDOWS\system32\spider.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-11-17 17:02:52 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\termsrv(2).dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\icaapi(2).dll
2009-11-17 17:02:51 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-11-17 17:02:50 ----D---- C:\WINDOWS\system32\MsDtc
2009-11-17 17:02:50 ----D---- C:\WINDOWS\system32\Com
2009-11-17 17:02:50 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-11-17 17:02:49 ----A---- C:\WINDOWS\system32\comsvcs(3).dll
2009-11-17 17:02:49 ----A---- C:\WINDOWS\system32\catsrvut(3).dll
2009-11-17 17:02:45 ----A---- C:\WINDOWS\system32\licwmi.dll
======List of files/folders modified in the last 1 months======
2009-11-18 18:20:07 ----A---- C:\WINDOWS\win.ini
2009-11-18 18:17:57 ----RASH---- C:\NTDETECT.COM
2009-11-17 18:00:38 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-09-15 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-09-15 52368]
R1 avgntdd;avgntdd; C:\WINDOWS\SYSTEM32\DRIVERS\avgntdd.sys [2009-02-13 45416]
R1 avipbb;avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-09-15 23152]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-17 5026816]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-03-31 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-03 6280416]
R3 Razerlow;Razerlow USB Filter Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-04-24 13225]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 axdtjdca;axdtjdca; C:\WINDOWS\system32\drivers\axdtjdca.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-03 163908]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-04-01 108289]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- jaro3
- Security team member
Re: Please check my log (VIRUS)
Uninstall either Avast or Avira.
Uninstall:
DAEMON Tools Toolbar
Turn off the resident protection of the remaining antivirus.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log (VIRUS)
ComboFix 09-11-20.05 - C2d-8200 22.11.2009 18:05.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2046.1643 [GMT 1:00]
Running from: c:\documents and settings\C2d-8200\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1356 [VPS 091122-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\dokumenty\cc_20090218_031250.reg
d:\dokumenty\cc_20090414_001613.reg
.
((((((((((((((((((((((((( Files Created from 2009-10-22 to 2009-11-22 )))))))))))))))))))))))))))))))
.
2009-11-22 12:33 . 2009-11-22 12:33 -------- d-----w- c:\program files\The KMPlayer
2009-11-22 09:56 . 2009-11-22 09:56 -------- d-----w- c:\program files\MSXML 4.0
2009-11-21 18:02 . 2009-11-21 18:02 1160 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-21 18:02 . 2009-11-21 18:02 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\Corel
2009-11-21 18:01 . 2009-11-21 18:01 65536 ----a-r- c:\documents and settings\C2d-8200\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2009-11-21 18:01 . 2009-11-21 18:01 10134 ----a-r- c:\documents and settings\C2d-8200\Application Data\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2009-11-21 18:01 . 2009-11-21 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-11-21 18:00 . 2009-11-21 18:00 -------- d-----w- c:\program files\Corel
2009-11-21 18:00 . 2009-11-21 18:00 -------- d-----w- c:\program files\Common Files\Corel
2009-11-21 17:33 . 2009-11-21 17:33 -------- d-----w- c:\program files\Bonjour
2009-11-21 17:27 . 2009-11-21 17:27 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-11-21 00:23 . 2009-11-21 00:23 -------- d-----w- C:\rsit
2009-11-20 18:22 . 2009-11-20 18:22 -------- d-----w- c:\windows\system32\XPSViewer
2009-11-20 18:22 . 2009-11-20 18:22 -------- d-----w- c:\program files\MSBuild
2009-11-20 18:22 . 2009-11-20 18:22 -------- d-----w- c:\program files\Reference Assemblies
2009-11-20 18:21 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-20 18:21 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-11-20 18:21 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-11-20 18:21 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-11-20 18:21 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-11-20 18:21 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-11-20 18:21 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-20 14:48 . 2009-11-20 14:48 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\Malwarebytes
2009-11-20 14:48 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-20 14:48 . 2009-11-20 14:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-20 14:48 . 2009-11-20 14:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-20 14:48 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-19 23:45 . 2009-11-19 23:45 -------- d-----w- c:\windows\5DB65884C9634454AABA4CA3089281FA.TMP
2009-11-19 23:25 . 2009-11-19 23:25 -------- d-----w- c:\program files\Trend Micro
2009-11-19 19:49 . 2009-11-19 19:49 -------- d-----w- c:\program files\uTorrent
2009-11-19 19:49 . 2009-11-22 17:01 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\uTorrent
2009-11-19 19:47 . 2009-11-19 19:47 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\Media Player Classic
2009-11-19 19:46 . 2003-06-19 00:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2009-11-19 19:45 . 2009-11-19 19:46 -------- d-----w- c:\windows\SHELLNEW
2009-11-19 19:45 . 2009-11-19 19:45 -------- d-----w- c:\program files\Microsoft.NET
2009-11-19 18:59 . 2009-11-19 18:59 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-11-19 18:59 . 2009-11-21 14:28 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-11-19 18:59 . 2009-11-19 18:59 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-19 18:59 . 2009-11-19 19:00 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\DAEMON Tools Lite
2009-11-19 18:52 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-19 18:52 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-19 18:37 . 2009-11-19 18:37 -------- d-----w- c:\documents and settings\C2d-8200\Local Settings\Application Data\GHISLER
2009-11-19 18:29 . 2001-08-17 21:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-11-19 18:29 . 2008-04-14 04:42 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-11-19 18:18 . 2009-11-19 18:18 -------- d-----w- c:\documents and settings\C2d-8200\Local Settings\Application Data\CANON_INC
2009-11-19 18:16 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-11-19 18:16 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-19 18:14 . 2009-11-19 18:14 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\Canon
2009-11-19 16:47 . 2009-11-19 16:48 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\Zoner
2009-11-19 16:47 . 2009-11-19 16:47 -------- d-----w- c:\documents and settings\C2d-8200\Local Settings\Application Data\Zoner
2009-11-19 16:46 . 2009-11-19 16:46 -------- d-----w- c:\program files\Zoner
2009-11-19 16:41 . 2009-11-19 18:39 -------- d-----w- c:\program files\Canon
2009-11-19 16:40 . 2009-11-19 16:45 -------- d-----w- c:\program files\Common Files\Canon
2009-11-19 16:39 . 2008-09-04 17:15 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-19 10:29 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-11-19 10:28 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-11-19 10:28 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-11-19 10:28 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-11-19 10:28 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-11-19 10:28 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-11-19 10:28 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-11-19 10:28 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-11-19 10:28 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-11-19 10:27 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-11-19 10:27 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-11-19 10:27 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-19 10:27 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-11-19 10:27 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-11-19 10:27 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-11-19 10:26 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-11-19 10:25 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-19 10:25 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-11-19 10:25 . 2009-08-04 14:20 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-11-19 10:25 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-11-19 10:25 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-11-19 10:25 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-11-19 10:25 . 2009-08-13 15:16 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2009-11-18 22:38 . 2009-09-15 11:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-18 22:28 . 2009-11-18 22:28 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-18 22:25 . 2009-11-18 22:25 -------- d-----w- c:\documents and settings\C2d-8200\Local Settings\Application Data\Adobe
2009-11-18 22:25 . 2009-11-21 17:33 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-18 22:16 . 2009-11-18 22:16 -------- d-----w- c:\program files\AC3Filter
2009-11-18 22:15 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-11-18 22:15 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-11-18 22:15 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-11-18 22:15 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-11-18 22:15 . 2009-11-04 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-18 22:15 . 2009-11-18 22:15 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-18 22:13 . 2009-11-20 11:53 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\ICQ
2009-11-18 22:13 . 2009-11-19 16:42 -------- d-----w- c:\program files\ICQ6.5
2009-11-18 19:03 . 2009-11-18 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-11-18 19:00 . 2009-11-18 19:00 -------- d-----w- c:\windows\system32\AGEIA
2009-11-18 19:00 . 2009-11-21 01:38 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-18 19:00 . 2009-11-21 01:38 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-18 18:59 . 2009-11-18 18:59 -------- d-----w- c:\windows\nview
2009-11-18 18:59 . 2009-04-03 09:34 453152 ----a-w- c:\windows\system32\nvudisp.exe
2009-11-18 18:59 . 2009-03-27 07:14 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-11-18 18:56 . 2009-11-18 18:56 -------- d-----w- c:\program files\7-Zip
2009-11-18 18:47 . 2008-04-14 04:41 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2009-11-18 18:42 . 2008-04-13 23:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-11-18 18:36 . 2009-11-21 18:02 44120 ----a-w- c:\documents and settings\C2d-8200\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-17 23:10 . 2009-11-17 23:10 -------- d-----w- c:\documents and settings\C2d-8200\Local Settings\Application Data\Identities
2009-11-17 23:10 . 2009-11-18 16:33 -------- d-----w- c:\windows\system32\wbem\Repository.001
2009-11-17 23:06 . 2008-04-14 04:55 1804 ----a-w- c:\windows\system32\dcache.bin
2009-11-17 21:26 . 2008-04-14 04:41 617472 ----a-w- c:\windows\system32\comctl32.dll
2009-11-17 21:26 . 2008-04-14 04:41 19968 ----a-w- c:\windows\system32\linkinfo.dll
2009-11-17 21:26 . 2005-09-01 01:49 16384 ----a-w- c:\windows\system32\linkinfo(2).dll
2009-11-17 21:26 . 2008-04-14 04:42 28672 ------w- c:\windows\system32\verclsid.exe
2009-11-17 21:08 . 2009-11-17 21:08 0 ----a-w- c:\windows\nsreg.dat
2009-11-17 21:08 . 2009-11-17 21:08 -------- d-----w- c:\documents and settings\C2d-8200\Local Settings\Application Data\Mozilla
2009-11-17 20:23 . 2008-04-14 04:42 11264 ------w- c:\windows\system32\spnpinst.exe
2009-11-17 20:23 . 2004-08-02 13:20 4569 ------w- c:\windows\system32\secupd.dat
2009-11-17 20:06 . 2009-11-17 20:06 -------- d-----w- c:\windows\system32\Lang
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 18:01 . 2009-11-17 16:34 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-19 16:44 . 2009-11-17 16:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-18 22:38 . 2009-11-18 22:31 -------- d-----w- c:\program files\Alwil Software
2009-11-18 22:35 . 2009-11-18 22:35 -------- d-----w- c:\program files\Alcohol Soft
2009-11-18 18:58 . 2009-11-18 18:58 -------- d-----w- c:\program files\EXPERTool
2009-11-18 18:51 . 2009-11-17 16:05 6538 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-11-18 18:51 . 2009-11-17 16:05 166455 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-18 17:20 . 2009-11-17 16:05 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2009-11-17 20:09 . 2009-11-17 20:08 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\Winamp
2009-11-17 20:09 . 2009-11-17 20:08 -------- d-----w- c:\program files\Winamp
2009-11-17 16:48 . 2009-11-17 16:48 -------- d-----w- c:\program files\Avira
2009-11-17 16:48 . 2009-11-17 16:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-11-17 16:37 . 2009-11-17 16:37 -------- d-----w- c:\program files\Razer
2009-11-17 16:37 . 2009-11-17 16:37 -------- d-----w- c:\documents and settings\C2d-8200\Application Data\InstallShield
2009-11-17 16:34 . 2009-11-17 16:34 -------- d-----w- c:\program files\Realtek
2009-11-17 16:18 . 2009-11-17 16:18 -------- d-----w- c:\program files\Intel
2009-11-17 16:06 . 2009-11-17 16:06 -------- d-----w- c:\program files\microsoft frontpage
2009-11-17 16:03 . 2009-11-17 16:03 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-09-25 05:37 . 2006-06-23 10:33 667136 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:37 . 2004-08-04 07:56 81920 ------w- c:\windows\system32\ieencode.dll
2009-09-15 11:59 . 2009-11-18 22:38 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-09-15 11:56 . 2009-11-18 22:31 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-09-15 11:56 . 2009-11-18 22:31 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-09-15 11:55 . 2009-11-18 22:31 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-09-15 11:55 . 2009-11-18 22:31 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-09-15 11:54 . 2009-11-18 22:38 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-09-15 11:53 . 2009-11-18 22:38 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-09-15 11:53 . 2009-11-18 22:38 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-09-11 14:18 . 2003-03-31 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2003-03-31 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:00 . 2003-03-31 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2009-04-03 2181672]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-11-19 289072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Diamondback"="c:\program files\Razer\Diamondback\razerhid.exe" [2007-02-14 147456]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-03 13684736]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-03 86016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-17 17508864]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-04-03 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirService"=2 (0x2)
"AntiVirSchedulerService"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [17.11.2009 17:48 22360]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [18.11.2009 23:31 114768]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [17.11.2009 17:48 45416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 23:31 20560]
R3 Razerlow;Razerlow USB Filter Driver;c:\windows\system32\drivers\Razerlow.sys [17.11.2009 17:37 13225]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.11.2009 23:28 721904]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17.11.2009 17:34 1684736]
S4 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [17.11.2009 17:48 108289]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\C2d-8200\Application Data\Mozilla\Firefox\Profiles\deljt6sl.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-22 18:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-11-22 18:08
ComboFix-quarantined-files.txt 2009-11-22 17:08
Pre-Run: 10 635 370 496 bytes free
Post-Run: 10 adresárov, 10 876 014 592 voľných bajtov
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 00ECC5727D37D2F6BEAFA4F7EDB3159B
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 23:31 20560]
R3 Razerlow;Razerlow USB Filter Driver;c:\windows\system32\drivers\Razerlow.sys [17.11.2009 17:37 13225]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.11.2009 23:28 721904]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [17.11.2009 17:34 1684736]
S4 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [17.11.2009 17:48 108289]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\C2d-8200\Application Data\Mozilla\Firefox\Profiles\deljt6sl.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-22 18:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-11-22 18:08
ComboFix-quarantined-files.txt 2009-11-22 17:08
Pre-Run: 10 635 370 496 bytes free
Post-Run: 10 adresárov, 10 876 014 592 voľných bajtov
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 00ECC5727D37D2F6BEAFA4F7EDB3159B
- jaro3
- member of the Security team
Re: Please check my log (VIRUS)
So you uninstalled Avira?
Then there are still remnants of it left..
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script
Code:
KillAll::
File::
c:\windows\system32\KGyGaAvL.sys
c:\windows\nsreg.dat
c:\windows\system32\drivers\avgntmgr.sys
c:\windows\system32\drivers\avgntdd.sys
c:\program files\Avira\AntiVir Desktop\sched.exe
Folder::
c:\windows\5DB65884C9634454AABA4CA3089281FA.TMP
c:\program files\DAEMON Tools Toolbar
c:\program files\Avira
Driver::
avgntmgr
avgntdd
AntiVirSchedulerService
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AntiVirService"=-
"AntiVirSchedulerService"=-
Firefox::
FF - ProfilePath - c:\documents and settings\C2d-8200\Application Data\Mozilla\Firefox\Profiles\deljt6sl.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log (VIRUS)
hi
Sorry for replying only now, but I was away from the PC for a long time. At the end, after the ComboFix restart, the PC went into a blue screen of death, so it didn't produce any log. I continued again with HijackThis and here is the log. On startup the PC now always beeps twice, which it didn't do before...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:58:07, on 14.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\Diamondback\razerhid.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Razer\Diamondback\razertra.exe
C:\Program Files\Razer\Diamondback\razerofa.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8493333734
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4896 bytes
- Damned
- Article author
Re: Please check my log (VIRUS)
Hello, jaro3 won't be here for a while, so I'll fill in.
Isn't there a C:\ComboFix.txt or ComboFix2.txt on "C"?
Run HJT (HijackThis), close your browsers, disconnect from the internet and fix (start HJT, "Do a system scan only",
tick the box in front of the entry, press "Fix checked" and then "Yes" ("Ano")):
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
*****************************************************************************************************************************************
I think the beep is OK; I don't have the table here, I'll try to look it up.
Uninstall your old ComboFix.
Uninstall ComboFix (required).
ComboFix is uninstalled like this:
Start - Run and enter Combofix[space]/uninstall
If that doesn't work and ComboFix is on the Desktop, then Start --> Run and copy into the line:
Code:
"%userprofile%\Plocha\combofix" /uninstall
(According to the CF community, /u was changed to uninstall; if it is on the Desktop, then use the given string)
If even that doesn't work, find and delete:
C:\327882R2FWJFW
C:\ComboFix
C:\Qoobox
C:\Combofix.txt
and Combofix.exe
Then download OTCleanIt.
- Connect to the internet and double-click to run the program
- Click the CleanUp button
- When it finishes, allow the PC to restart
- After the restart, delete this tool - it is not intended for regular use
Download OTL to the Desktop.
Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Please check my log (VIRUS)
OTL Extras logfile created on: 14.12.2009 18:48:15 - Run 1
OTL by OldTimer - Version 3.1.17.0 Folder = C:\Documents and Settings\C2d-8200\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 80,60% Memory free
3,85 Gb Paging File | 3,51 Gb Available in Paging File | 91,34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 0,86 Gb Free Space | 3,52% Space Free | Partition Type: NTFS
Drive D: | 441,35 Gb Total Space | 28,92 Gb Free Space | 6,55% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 287,43 Gb Free Space | 61,71% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 60,64 Gb Free Space | 40,69% Space Free | Partition Type: NTFS
Drive G: | 55,88 Gb Total Space | 34,30 Gb Free Space | 61,38% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 298,09 Gb Total Space | 36,51 Gb Free Space | 12,25% Space Free | Partition Type: NTFS
Drive L: | 356,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: MACUMOTO
Current User Name: C2d-8200
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- (Codemasters)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6bad9a6b-8f68-4a4c-b111-063b4504f5d7}" = Nero 9 Lite
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A80000000000}" = Adobe Reader 8 - Czech
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}" = CZ
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE4CF159-4AD2-4754-BDA0-5FB088C8B58B}" = Razer Diamondback
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E9E4BB29-FA98-401B-9EDE-9906906E33DE}" = Paragon Hard Disk Manager 2006
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"7-Zip" = 7-Zip 4.57
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"avast!" = avast! Antivirus
"DPP" = Canon Utilities Digital Photo Professional 3.5
"EOS Utility" = Canon Utilities EOS Utility
"EXPERTool_is1" = EXPERTool 7.4
"HijackThis" = HijackThis 2.0.2
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Movienizer_is1" = Movienizer 2.2
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"NVIDIA Drivers" = NVIDIA Drivers
"ODSK" = Canon Utilities Original Data Security Tools
"OpenAL" = OpenAL
"Picture Style Editor" = Canon Utilities Picture Style Editor
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.11.2009 8:16:23 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:16:24 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:16:25 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:16:25 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:16:26 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:16:27 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:16:28 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group5.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:22:06 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group4.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 8:22:20 | Computer Name = MACUMOTO | Source = MsiInstaller | ID = 11335
Description = Product: Need for Speed™ SHIFT -- Error 1335. The cabinet file 'Group4.cab'
required for this installation is corrupt and cannot be used. This could indicate
a network error, an error reading from the CD-ROM, or a problem with this package.
Error - 22.11.2009 13:05:31 | Computer Name = MACUMOTO | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie pev.cfxxe, verzia 0.0.0.0, zlyhanie modulu pev.cfxxe,
verzia 0.0.0.0, adresa zlyhania 0x000d2040.
[ System Events ]
Error - 1.12.2009 5:55:55 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 2.12.2009 4:31:34 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 2.12.2009 17:16:29 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 3.12.2009 8:30:19 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 3.12.2009 9:08:41 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 4.12.2009 6:23:33 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 5.12.2009 7:39:48 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 5.12.2009 12:19:33 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 6.12.2009 6:53:22 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
Error - 6.12.2009 15:21:47 | Computer Name = MACUMOTO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Cardex zlyhalo kvôli nasledujúcej chybe: %%183
< End of report >
Re: Please check my log (VIRUS)
Which part of OTL.txt do you want? There are over 180000 characters in it...